Vulnerability Details CVE-2025-63713
Cross-Site Scripting (XSS) vulnerability in SourceCodester "MatchMaster" 1.0 allows remote attackers to inject arbitrary web script or HTML via crafted input in the custom test creation feature. The vulnerability exists because the application fails to properly sanitize user-supplied input in test titles and matching pair items before rendering them in the DOM during test execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 12.0%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2025-63713
-
cpe:2.3:a:remyandrade:matching_type_test:1.0